Blue Team Village, DEF CON 2018 | Salted Hash Ep 43
Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.
Computer Security Articles
RSS Reader for Computer Security Articles
ComputerWorld
Patch Tuesday’s coming: Block Windows Update and pray we don’t get fooled again
Credit to Author: Woody Leonhard| Date: Mon, 13 Aug 2018 06:37:00 -0700
July 2018 patches for both Windows and Office brought bugs and bugs of bugs — many of which haven’t been solved, even now. We have even reached the unprecedented stage where the .NET team openly warned people against installing buggy updates, and the Monthly Rollup previews got shoved down the Automatic Update chute to fix bugs in the primary Monthly Rollup.
July was more galling than most months because the patches caused widespread problems for many, while plugging security holes for exactly zero widespread infections.
Blue Team village, Deffcon 2018 | Salted Hash Ep. 43
Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.
A word to the wise: Skip Microsoft’s July patches
Credit to Author: Woody Leonhard| Date: Fri, 10 Aug 2018 05:22:00 -0700
On July 9, I recommended that you disable Windows Automatic Update and wait to see if the July Microsoft patches brought more mayhem than relief. With the August patches just a few days away, it’s time to put a nail in the July coffin. I strongly recommend that you not install any of the July patches, and pray that Microsoft treats us better in August.
It’s been a tumultuous month.
An inside look at hybrid Office 365 phishing attacks | Salted Hash Ep 41
In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another.
Grand Theft IT? Not quite
Credit to Author: Sharky| Date: Tue, 07 Aug 2018 03:00:00 -0700
The time has come for the sales team at this financial services company to get new top-of-the-line laptops — and they’re being upgraded 80 at a time, reports an IT pilot fish there.
“Late one night, the guy in charge of the upgrade got a call from Security saying that a break-in had occurred,” fish says. “They told him that on the security cameras they saw the thieves making off with a lot of laptops.
“The upgrade project manager arrived at the scene to meet the police — who were very puzzled when he started laughing.
“Turns out the thieves stole 80 decommissioned laptops with no hard drives, while ignoring the 80 new laptops sitting in boxes beside the decommissioned ones.”
What is a phishing kit? Watch this in-depth explainer | Salted Hash Ep 39
What is a phishing kit? In this video, Steve Ragan offers an answer and a look at some of the kits Salted Hash has collected.
TSMC's iPhone chip attack is a wake-up call for enterprise security
Credit to Author: Jonny Evans| Date: Mon, 06 Aug 2018 05:21:00 -0700
Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.
Manufacturing is under attack
TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware “when a supplier installed tainted software without a virus scan.”
The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.